TlsHandshake

The following keys are available in TlsHandshake escape logs:

next_bind_ip

optional, type: ip address string

The selected bind IP before the connection to the remote peer is attempted.

Present only when bind-IP configuration is enabled on the corresponding escaper.

next_expire

optional, type: rfc3339 timestamp string with microseconds

The expected expiration time of the next peer.

Present only when the next escaper is dynamic and a remote peer has already been selected.

tls_name

required, type: domain name or ip string

The TLS name used to verify the remote peer certificate.

tls_peer

required, type: domain:port | socket address string

The remote peer with which the TLS session is established.

tls_application

required, type: enum string

The application protocol intended to run inside the TLS channel.

The values are:

  • HttpForward

    The user sent an HttpsForward request, so vey-proxy had to establish a TLS channel.

  • HttpProxy

    The next peer is an HTTPS proxy.